Security Event Analyst
You’ll be joining our Security & Information Systems Division (S&IS). The division is a pivotal innovator, supplying safety through technology to provide our customers with more efficient, safe and secure products and services, whatever their requirements may be. The division is a world leader in safety-through-technology, providing tailored solutions for customers in public administration, public safety and security, critical infrastructure, services, transport, large companies, post and logistics.
S&IS (UK) is at the forefront of supplying technology and services for both civil and defence markets, in both the UK and around the world, to enhance the capabilities of its customers, and we need people like you!
You will be joining our highly skilled team at our Bristol site. This is a great opportunity to bring your talents and form an integral part of the company’s future. We can help you develop your skills and offer great opportunities to develop and grow, so why not join us!
As a Security Event Analyst within the Security Operations Centre (SOC), you will work as part of a shift that analyses network, application and system log events in order to identify any potentially abnormal system, network or user behaviours that could indicate compromise or attack. You’ll work within customer SLAs and analyse potential security incidents, escalating these to customers or our CIRT team when required.
If that sounds like your thing, here are a few of the great things you can expect when you join the team.
You’ll love Bristol. Bristol is regularly voted one of the world’s best places to live. It’s beautiful, a small city that feels like a big city, handily placed for seaside and scenery, but hardly cut off from the rest of the country. It has a brilliant food and drink scene and tons of culture. Famed for Banksy, Brunel and the invention of Ribena, it’s a quirky city that attracts people of all ages. You can float above the city in a hot-air balloon or spend a day in the foodie quarter of Wapping Wharf; you’ll never be bored!
We offer fantastic opportunities for learning, development and professional growth. Your career will be massively varied. Learning on the job isn’t just a benefit – it’s a must!
Just some more perks of joining our team…
At the organisation, we believe that our employees work best when they are able to achieve a balance between work and other aspects of life, so that you can enjoy the great city of Bristol! That’s why we are committed to designing policies and developing a working environment that promote the benefits and well-being of all our employees.
Key Responsibility Areas
- Analyse security incidents within the SOC as part of the 24/7/365 shift providing protective monitoring services to clients.
- Provide monitoring, alerting and incident handling services within the SOC in line with SLAs.
- Perform proactive analysis across client networks, informed by keeping up to date with current threats and trends.
- Act as the initial analytical reference point for identifying and then quantifying the nature and extent of a security incident, and offer initial professional advice relating to possible business impact.
- Advise on incident containment measures through recommended initial actions to customers.
- Provide advice relating to potential mitigation measures in order to prevent, or limit, future reoccurrence.
- Develop and maintain a credible knowledge of current and emerging threats likely to affect the integrity of the managed service you are protecting.
- Review reoccurring false positive firings and assist in the tuning of SIEM and IDS rules to reduce false positives and maintain good security alerting.
- Ensure all operational incidents, on-going tickets and relevant information are handed over to the oncoming shift in an effective and efficient manner, using the shift handover process and documentation (HOTO).
- When required, assist in the creation of reporting for management and clients on security incidents and threat intelligence trends.
Skills, Qualifications & Knowledge Required
You will be motivated, self-managed and willing to help design and adapt a constantly evolving service; demonstrate above average analytical skills and liaise professionally with peers and customers.
We really need you to be able to:
- Communicate excellently at all levels. Working with customers is a must, so we need you to be able to let them know what’s going on.
- Have a sound knowledge of IT security best practice, common attack types and detection/prevention methods.
- Demonstrate experience of analysing and interpreting system, security and application logs in order to diagnose faults and spot abnormal behaviours.
- Have great organisational skills and attention to detail.
- Due to the nature of the tasks involved, you must be capable of achieving full SC security clearance.
If you are interested in hearing more, then please get in contact with Jonny Duggan on 01908 886 038 or email firstname.lastname@example.org